35

I have a file with the following permissions:

root:data, and chmod set to 775.

My normal user, let's call him boby, is in the data group.

Why can't I delete the file with the user boby?

 rwxrwxr-x 18 root data 4096 2011-12-30 22:02 storage
 my user is in the group data but can't write into storage
johnlemon

6 Answers

38

Because by deleting a file, you are not just modifying the file but also modifying its directory.

So if your file is:

rwxrwxr-x

You would be able to do:

cp /dev/null <filename>

But if your directory permissions are:

rwxr-xr-x  root  data  <directory name>

Then the system will prevent you from removing the file.

Sameer
Karlson
16

File deletion is based on directory perms, not file perms (*).

Do you have write permissions on the directory that contains the file?

(*) Caveat, you can have a directory where you enforce that only the owner of the file can delete it. This is useful for temp dirs.

Rich Homolka
  • Also have a look here: https://superuser.com/questions/784952/linux-group-member-cannot-delete-file-with-rw-permission where the same is discussed. – Meetai.com May 27 '15 at 02:49
  • About _"Do you have write permissions on the directory that contains the file?"_ - Does it only apply to the immediate parent directory, right? – Manuel Jordan Oct 05 '21 at 02:00
  • 1
    @ManuelJordan write permissions, yes. Think of a directory as a scratchpad that lists “these are all the files just under me”. To delete a file you kinda rewrite that scratchpad. But don’t need to rewrite anything above you. Other perms are important, I have some kid errands to finish but there’s some combination of missing R and X flags on parent dirs that would make this difficult – Rich Homolka Oct 05 '21 at 02:25
1

If the containing directory does not permit the user boby or the data group to write to it, then that would explain this behavior.

Andrew Lambert
  • 2
    So the entire path needs group permission? It works like that. – johnlemon Dec 30 '11 at 20:06
  • 1
    @user: Not the entire path - just the file's immediate parent directory. You are only modifying the directory's contents. The *higher* parents *do not matter at all*. – u1686_grawity Dec 30 '11 at 20:08
  • I update the answers – johnlemon Dec 30 '11 at 20:09
  • 1
    This is not exactly true. You only need write perms on the containing directory. The perms can be any of user, group, or other, it doesn't have to be group perms that allow you. – Rich Homolka Dec 30 '11 at 20:12
  • @Rich: AFAIK, only one set is checked. If you are the owner, the system will only check 'owner' perms, not 'group' nor 'others'. If you are in the group, the system won't check 'others' perms. (`touch foo; chmod 6 foo; ls -l foo; cat foo`) – u1686_grawity Dec 30 '11 at 20:24
  • I have removed the "any parent of the containing directory" phrase from my answer. Not sure what I was thinking... – Andrew Lambert Dec 30 '11 at 21:26
  • Psst! The clue is in the final sentence of the question. Hint: Your answer mentions permissions but omits another relevant factor. – JdeBP Dec 30 '11 at 23:19
  • @grawity true, sorry that I was unclear, the answer originally said "it checks groups" I just wanted to say "it may check users, groups, or other as appropriate", not that it will check all 3. But, you know I can't edit comments on stackexchange sites. – Rich Homolka Dec 31 '11 at 04:36
1

I tried the same thing, and ran into the same problem.

Starting a new terminal session solved the problem. This can be achieved by:

  1. Logging out and logging back in
  2. Going to one of the 6 ttys (Ctrl+Alt+F1-6) (Note: Ctrl+Alt+F7 is your GUI session)
  3. Using `su boby` to start a new session for user boby.

Cheers!

Here Be Wolves
1

I bet the file you're trying to delete is in /tmp.

See Linux - group member cannot delete file with rw permission

/tmp usually has the "sticky" aka "restricted deletion" mode set (o+t). With this mode set, only the file's owner can move or delete files in that directory regardless of any permissions.

Dagelf
-1

The file you want to have delete permissions on, after a chmod 775 or 777, needs to be placed under a directory which has been chmod 775 or 777 too.

e.g.

    sudo touch /root/comments.db
    sudo chmod 777 /root/comments.db

and then as a non-sudoer:

    rm /root/comments.db # doesn't work

However,

    sudo mkdir -p /root/comments
    sudo touch /root/comments/comments.db
    sudo chmod 777 /root/comments/comments.db
    sudo chmod 777 /root/comments

and then as a non-sudoer:

    rm /root/comments/comments.db # works

khanna
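The rules discussed in the answers and comments above (only the immediate parent directory counts, only one permission class is checked, the sticky bit restricts deletion, and group membership is whatever the current session holds) can be put together in one small model. This is an added example, not code from the original thread; the uid/gid numbers and the function names pick_class and can_delete are constructed for illustration, and ACLs, capabilities and immutable flags are ignored.

```python
import stat

def pick_class(mode, owner_uid, owner_gid, uid, gids):
    """Return the single rwx triplet that applies: owner, else group, else other."""
    if uid == owner_uid:
        return (mode >> 6) & 7
    if owner_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def can_delete(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Model whether a process (uid, gids) may unlink a file.

    Only the immediate parent directory's mode is consulted; the file's
    own permission bits play no part in the decision.
    """
    if uid == 0:
        return True  # root bypasses the mode bits
    bits = pick_class(dir_mode, dir_uid, dir_gid, uid, gids)
    if bits & 0o3 != 0o3:  # need write (2) and search (1) on the directory
        return False
    # Sticky / restricted deletion: only the file owner or directory owner.
    if dir_mode & stat.S_ISVTX and uid not in (file_uid, dir_uid):
        return False
    return True

if __name__ == "__main__":
    ROOT, BOBY, DATA = 0, 1000, 1001  # constructed ids for the question's users
    cases = [
        ("parent rwxr-xr-x root:data", 0o755, ROOT, DATA, ROOT, {BOBY, DATA}),
        ("parent rwxrwxr-x root:data", 0o775, ROOT, DATA, ROOT, {BOBY, DATA}),
        ("same, session lacks 'data'", 0o775, ROOT, DATA, ROOT, {BOBY}),
        ("sticky /tmp, root's file", 0o1777, ROOT, ROOT, ROOT, {BOBY}),
        ("sticky /tmp, boby's file", 0o1777, ROOT, ROOT, BOBY, {BOBY}),
        ("boby owns dir, mode ---rwxr-x", 0o075, BOBY, DATA, ROOT, {BOBY, DATA}),
    ]
    for label, mode, d_uid, d_gid, f_uid, gids in cases:
        print(f"{label:32} -> {can_delete(mode, d_uid, d_gid, f_uid, BOBY, gids)}")
```

The third case is the one that a fresh login fixes: the group was added to the account, but the running session's group list has not picked it up yet.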